diff options
| author | Frederick Muriuki Muriithi | 2024-09-16 15:14:40 -0500 |
|---|---|---|
| committer | Frederick Muriuki Muriithi | 2024-09-16 15:19:21 -0500 |
| commit | 3c47081696e5a81f70e4ed509267725bc904434c (patch) | |
| tree | 0a5290f789c3765ac3b228af7b4eddb12acbec4d /gn_auth/auth/authorisation/resources/views.py | |
| parent | e829074e99fd5bec033765d18d5efa55e1edce44 (diff) | |
| download | gn-auth-3c47081696e5a81f70e4ed509267725bc904434c.tar.gz | |
Pass cursor rather than connection to create_resource function
In order to decouple the `create_resource` function from the related
functions that assign roles to users, this commit changes the code to
pass in a cursor rather than a connection.
The cursor will be the same cursor passed into the role assignment
functions ensuring that the resource creation and role assignment
happen in a single transaction.
Diffstat (limited to 'gn_auth/auth/authorisation/resources/views.py')
| -rw-r--r-- | gn_auth/auth/authorisation/resources/views.py | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/gn_auth/auth/authorisation/resources/views.py b/gn_auth/auth/authorisation/resources/views.py index 494fde9..23399e5 100644 --- a/gn_auth/auth/authorisation/resources/views.py +++ b/gn_auth/auth/authorisation/resources/views.py @@ -40,13 +40,14 @@ from gn_auth.auth.authentication.oauth2.resource_server import require_oauth from gn_auth.auth.authentication.users import User, user_by_id, user_by_email from .checks import authorised_for +from .errors import MissingGroupError +from .groups.models import Group, user_group from .models import ( Resource, resource_data, resource_by_id, public_resources, resource_categories, assign_resource_user, link_data_to_resource, unassign_resource_user, resource_category_by_id, user_roles_on_resources, unlink_data_from_resource, create_resource as _create_resource, get_resource_id) -from .groups.models import Group resources = Blueprint("resources", __name__) @@ -68,13 +69,20 @@ def create_resource() -> Response: resource_name = form.get("resource_name") resource_category_id = UUID(form.get("resource_category")) db_uri = app.config["AUTH_DB"] - with db.connection(db_uri) as conn: + with (db.connection(db_uri) as conn, + db.cursor(conn) as cursor): try: + group = user_group(conn, the_token.user).maybe( + False, lambda grp: grp)# type: ignore[misc, arg-type] + if not group: + raise MissingGroupError(# Not all resources require an owner group + "User with no group cannot create a resource.") resource = _create_resource( - conn, + cursor, resource_name, resource_category_by_id(conn, resource_category_id), the_token.user, + group, (form.get("public") == "on")) return jsonify(asdict(resource)) except sqlite3.IntegrityError as sql3ie: |